- Use any SSO method you are comfortable with (OIDC or SAML)
- In SAML assertion or JWT token you can send user group information to your application (assuming you created those groups in Okta and assigned users to those groups). Then your application can see the info and make appropriate actions